This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
libwmf0.2-7 0.2.8-1.1ubuntu0.1

Ubuntu 5.10:
libwmf0.2-7 0.2.8.3-2ubuntu0.1

Ubuntu 6.06 LTS:
libwmf0.2-7 0.2.8.3-3.1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

An integer overflow was found in the handling of the MaxRecordSize
field in the WMF header parser. By tricking a user into opening a
specially crafted WMF image file with an application that uses this
library, an attacker could exploit this to execute arbitrary code with
the user's privileges.